30 open-source projects similar to autonomousapps/dependency-analysis-gradle-plugin, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Dependency Analysis Gradle Plugin alternative.
depcheck is a project dependency auditor and npm dependency analyzer for the JavaScript ecosystem. It functions as an abstract syntax tree parser that scans source code to identify unused packages or missing declarations within a project manifest file. The tool distinguishes itself by parsing multiple language syntaxes and file formats to locate dependency imports. It can identify dependencies declared within tool-specific configuration files for build tools, linters, and test runners, and supports extensibility through custom detectors and parsers. The system provides capabilities for depen
This project is a Gradle plugin designed to facilitate aspect-oriented programming within Android applications. It functions as a build-time tool that intercepts method calls to inject cross-cutting logic, allowing developers to centralize concerns such as logging, security, or performance monitoring without modifying individual source files. The plugin distinguishes itself by its ability to perform binary dependency weaving, which applies instrumentation across both local source code and external library formats like JARs and AARs. By utilizing the Gradle Transform API, it integrates directl
ArchUnit is a Java architecture testing library and automated validator that analyzes compiled bytecode to verify that source code adheres to predefined design rules. It functions as a testing framework that fails builds when the actual code structure violates architectural constraints. The library uses a fluent rule specification to define constraints and employs bytecode analysis to inspect class relationships and package dependencies. This allows for the automated detection of circular dependencies and the enforcement of dependency rules between packages. The tool covers a range of struct
Rushstack is a comprehensive toolset for managing large-scale TypeScript monorepos, providing a framework for build pipeline automation, dependency coordination, and static analysis. It functions as an incremental build orchestrator and management system designed to maintain consistency and performance across multiple packages in a shared workspace. The system distinguishes itself through an execution model based on directed acyclic graphs and content-hash-based incrementalism, which ensures only affected projects are rebuilt. It further optimizes development workflows via remote build artifa
Madge is a JavaScript module dependency visualizer and architecture mapper. It analyzes source code to create graphs and diagrams of module relationships, supporting CommonJS, AMD, and ES6 standards. The tool functions as a circular dependency detector to identify recursive import loops and a dependency graph generator that exports relationship maps into image and vector formats. It provides utilities for auditing project structure, including the identification of orphaned modules and leaf modules. Its broader capabilities include dead code identification, module impact analysis through depe
Pyre is a high-performance static type checker and analysis tool for Python. It identifies type errors and ensures type safety without executing the program, utilizing a static type inference engine to maintain consistency across functions. The project is distinguished by an incremental type analysis engine that operates as a background daemon. This system monitors filesystem changes to re-validate only modified parts of a project, reducing the time required for repeated analysis. It also includes a static analysis security tool that uses taint analysis to track untrusted data flows and ident
uv is a high-performance Python package manager and project build tool designed to handle dependency resolution, virtual environment orchestration, and Python interpreter management. It functions as a comprehensive workspace orchestrator, enabling developers to manage complex, multi-package repositories and ensure reproducible builds across different platforms. The tool distinguishes itself through its use of a global, content-addressable cache and hard-link-based environment provisioning, which allow for near-instant environment creation and minimal disk usage. It employs a high-performance
This project provides a functional package manager and a reproducible build system designed to ensure identical build inputs always produce the same outputs. It serves as the foundation for a declarative Linux distribution where the entire system state is defined in a configuration file, enabling predictable deployments and full-system rollbacks. The system uses a deterministic functional language and a lazy-evaluation expression engine to manage software dependencies and isolate build environments. It distinguishes itself through a content-addressable store that allows multiple versions of s
npm-check is a command-line tool that audits a project's npm dependencies, comparing local package versions against the npm registry to identify outdated, unused, or incorrect entries. It scans both package.json and node_modules, and can also inspect globally installed npm packages for the same issues. The tool distinguishes itself by offering multiple modes of operation. It can automatically update all outdated dependencies to their latest versions without interaction, suitable for automated scripts. Alternatively, it provides an interactive terminal interface that lets users review and
Specs is a centralized package metadata repository and distribution service for the Apple platform. It serves as a public index of library specifications, enabling the discovery, resolution, and installation of third-party frameworks for iOS and macOS projects. The project provides a podspec distribution service that hosts and validates library specifications to ensure reproducible dependency resolution. It utilizes a Git-based collection of structured specifications and a REST API to manage library publishing, ownership, and versioning. The system encompasses comprehensive capabilities for
Crab is a memory-safe systems programming language and ahead-of-time compiler designed for high-performance software. It utilizes a type system based on strict ownership and borrowing rules to prevent memory access errors at compile time. The toolchain includes an automated documentation generator that produces technical reference manuals and API guides by parsing structured source code annotations. It also features a dependency management tool to resolve external library graphs and ensure consistent project builds. The project covers software build automation, static type checking, and mult
Knip is a static analysis project cleaner and dead code analyzer for JavaScript and TypeScript projects. It identifies and removes unused files, dependencies, and exports to maintain a lean codebase and reduce bundle size. The tool functions as a monorepo dependency auditor, tracking exports and dependencies across multiple workspaces to find dead code in large multi-package projects. It specifically targets the removal of unused packages from project manifests and the deletion of unreferenced exports. Its capabilities cover dead code elimination, JavaScript dependency management, and TypeSc
Setuptools is a Python package build tool and distribution framework used to bundle code into distributable archives. It functions as a project metadata manager, allowing for the declarative definition of project identity, versioning, and dependencies. The toolkit distinguishes itself by providing an extension compiler for C and C++ source files and a plugin architecture that uses entry points to enable runtime discovery of functionality. It also supports development environment tooling, such as editable installs that link source code directly to the environment to allow immediate changes wit
pipreqs is a Python dependency generator and discovery tool. It scans project imports to identify the third-party libraries required to run a project and automates the generation of requirements files containing only the packages actually used in the source code. The utility functions as a requirements file manager by comparing installed packages against actual imports. It provides capabilities for pruning unused dependencies and auditing projects to identify missing or obsolete packages. The tool employs static analysis and abstract syntax trees to isolate import statements without executin
Conan is a package manager and binary repository for C and C++ that resolves and installs external libraries to ensure consistent build environments across different platforms. It functions as a native dependency resolver and a cross-platform build tool designed to facilitate reproducible native builds. The project provides capabilities for native package hosting, allowing users to implement a server to store and distribute pre-compiled libraries and their required dependencies. It also supports standalone binary bundling to create executable files that include all necessary runtime dependenc
This project is a reference implementation and tutorial designed to demonstrate the end-to-end workflow of building, versioning, and uploading Python distributions. It serves as a concrete project template and example for configuring metadata and build artifacts for package indices. The repository illustrates how to package software by defining project metadata and dependencies in static configuration files. It covers the process of transforming source trees into versioned archives and platform-specific binary distributions, specifically showing how to build binary wheels and source distribut
Sourcetrail is an interactive source code explorer and visualizer designed for indexing and navigating relationships between symbols and structures across large, multi-language codebases. It functions as a static analysis indexer and code dependency visualizer that maps calls and dependencies between source files to help reveal project architecture. The tool enables multi-language project analysis by using a language-agnostic indexing system to track symbols across different programming languages within a single interface. It allows for the discovery of software architecture and the explorati
Blade-build is a multi-language build system and software orchestrator designed to automate the compilation, linking, and testing of complex codebases. It functions as an incremental build engine that models project structures as directed acyclic graphs, ensuring that only affected modules are recompiled when source code or header files change. By utilizing declarative build specifications, the system provides a unified approach to managing dependencies and toolchains across diverse programming environments. The system distinguishes itself through a focus on hermetic build environments and re
This project is a collection of malware analysis reports and decompiled code focused on a backdoor embedded within an Android application. It serves as a study of Android APK malware, documenting the specific code patterns used for unauthorized data access and system security bypasses. The research focuses on dynamic bytecode loading and the execution of remote files to implement persistence. It specifically analyzes mechanisms for downloading and running remote Dalvik Executable files to change application behavior without updating the installed package. The analysis covers several security
go-plugin is a framework for implementing plugin architectures where extensions run as separate processes and communicate via a Go RPC plugin system. It functions as an inter-process communication library and lifecycle manager that allows host applications to discover, launch, and monitor external binary plugins. The framework enables cross-language plugin systems, allowing plugins written in different languages to integrate with a host through standardized RPC protocols. It features a bidirectional RPC bridge that allows both the host and the plugin to exchange interface implementations for
Moon is a monorepo build system and task runner designed to orchestrate complex projects with multiple packages. It functions as a dependency graph orchestrator that executes build targets in topological order and utilizes input hashing to cache results and skip redundant work. The project features a polyglot toolchain manager that automates the installation and versioning of language runtimes and CLI tools to ensure environment consistency. It also includes a plugin framework based on WebAssembly, allowing developers to extend build logic and toolchain behavior using any supported language.
This is an interactive single-page tutorial that teaches GNU Makefile syntax, rules, variables, and targets through hands-on examples. It serves as both a learning tool for build automation and a reference guide covering Makefile fundamentals, including pattern matching, built-in functions, and variable-driven build configuration. The tutorial walks through core Makefile concepts such as defining targets and prerequisites, using variables to parameterize commands, applying pattern rules for efficient file matching, and managing dependencies for incremental builds. It covers practical build au
Dagre is a pure JavaScript library for automatically laying out directed graphs. It implements a layered graph drawing algorithm based on the Sugiyama framework, positioning nodes in horizontal layers and routing edges to produce clear, readable visualizations with no native dependencies. The library handles edge routing as polylines with control points to avoid overlapping nodes, reduces edge crossings through heuristic node ordering within layers, and assigns final coordinates using a slack-based approach that respects minimum separation constraints. Graph structure and layout options are e
OpenRewrite is an automated refactoring engine and source-to-source migration framework. It uses a lossless semantic tree parser to represent source code as type-aware trees that preserve original whitespace and formatting, enabling precise and deterministic modifications. The project utilizes a declarative refactoring pipeline where sequences of transformations are defined in YAML to resolve breaking changes and technical debt. It features type-aware pattern matching and cross-language model mapping to apply similar refactoring patterns across different programming languages. The framework
Watchman is a filesystem change monitor and recursive directory watcher that operates as a background service to track file modifications in real time. It functions as an event-driven file trigger and state query engine, allowing users to retrieve directory snapshots and lists of changed files since a previous check. The project provides tooling for incremental builds by identifying exactly which files have changed to compile only necessary project components. It is designed for large scale directory watching, monitoring massive file trees while executing external commands or scripts automati
c3c is the compiler for the C3 programming language, transforming source code into executable binaries, static libraries, or dynamic libraries using an LLVM backend. It implements a system based on result-based error handling, scoped memory pooling, and a semantic macro system. The compiler provides first-class support for hardware-backed SIMD vectors that map directly to processor instructions and enables runtime polymorphism through interface-based dynamic dispatch. The project covers a broad set of low-level capabilities, including manual and pooled memory management, inline assembly inte
This project provides the core framework and system API layer for the Android operating system. It consists of the fundamental Java and C++ libraries that define system behavior and establish the interface contracts required for system applications and hardware abstraction. The project includes a runtime optimizer used to reduce startup time and improve execution speed by pre-compiling methods and configuring boot images. It also features a software quality toolchain that enforces code formatting, audits commit metadata, and manages API compatibility to ensure stable interface contracts acros
Koishi is an open-source framework for building multi-platform chatbots, designed around an adapter-driven architecture that lets a single bot connect to multiple messaging services with consistent logic. It provides a plugin-based development platform with hot reload support, enabling developers to write and update bot extensions using TypeScript without restarting the application. A web-based management console offers a graphical interface for configuring plugins, commands, permissions, and monitoring runtime status. What distinguishes Koishi is its combination of a dynamic plugin lifecycle
This project is a comprehensive guide and educational resource for the TypeScript language. It covers the fundamental principles of the language, including its structural type system, static type analysis, and the process of transpiling typed source files into JavaScript. The material details how to model complex data and reusable type logic using generics, conditional types, and mapped types. It also explains the use of declaration files to provide type safety for external JavaScript libraries and the integration of type checking into existing JavaScript projects via JSDoc annotations. The
Compodoc is a TypeScript API documentation generator, static site generator, and project architecture visualizer. It parses source code and JSDoc comments to create searchable technical reference sites, API catalogues, and standalone HTML pages. The project distinguishes itself by analyzing import statements to produce dependency graphs and module maps that illustrate the structural relationships within a codebase. It includes specialized support for visualizing Angular projects, NestJS workflows, and Stencil web components, and can embed live working demos directly into documentation pages.